Client should reject CLIENT-only error codes sent by the server

Per @vuvova in #223 (comment): > I don't think the client should accept client-side errors from the server > at all. If the server sends an error packet with error codes in the ranges `CR_{MIN,MAX}_ERROR` (codes [2000, 2999]) or `CER_{MIN,MAX}_ERROR` (codes [5000, 5999]), we will replace these with `CR_MALFORMED_PACKET`, rather than propagating them to the client user.
mariadb-corporation · Dec 21, 2023 · 4419abe · maksimu · Dec 21, 2023 · dlenski
1 parent 00fb206
commit 4419abe
Showing 1 changed file with 19 additions and 7 deletions.
diff --git a/libmariadb/mariadb_lib.c b/libmariadb/mariadb_lib.c
@@ -241,18 +241,30 @@ ma_net_safe_read(MYSQL *mysql)
         }
         goto restart;
       }
-      net->last_errno= last_errno;
-      if (pos[0]== '#')
+      if (last_errno >= CR_MIN_ERROR && last_errno <= CR_MAX_ERROR ||
+          last_errno >= CER_MIN_ERROR && last_errno <= CER_MAX_ERROR)
       {
-        ma_strmake(net->sqlstate, pos+1, SQLSTATE_LENGTH);
-        pos+= SQLSTATE_LENGTH + 1;
+        /* The server appears to have sent an error code within the
+         * range(s) of error codes that should only be generated
+         * client-side.
+         */
+        my_set_error(mysql, CR_MALFORMED_PACKET, SQLSTATE_UNKNOWN, 0);
       }
       else
       {
-        strncpy(net->sqlstate, SQLSTATE_UNKNOWN, SQLSTATE_LENGTH);
+        net->last_errno= last_errno;
+        if (pos[0]== '#')
+        {
+          ma_strmake(net->sqlstate, pos+1, SQLSTATE_LENGTH);
+          pos+= SQLSTATE_LENGTH + 1;
+        }
+        else
+        {
+          strncpy(net->sqlstate, SQLSTATE_UNKNOWN, SQLSTATE_LENGTH);
+        }
+        ma_strmake(net->last_error,(char*) pos,
+                min(len,sizeof(net->last_error)-1));
       }
-      ma_strmake(net->last_error,(char*) pos,
-              min(len,sizeof(net->last_error)-1));
     }
     else
     {